Vulnerabilities > Xfce

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-45062 Argument Injection or Modification vulnerability in multiple products
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
network
low complexity
xfce debian fedoraproject CWE-88
critical
9.8
2022-06-13 CVE-2022-32278 XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
network
low complexity
xfce debian
8.8
2021-05-11 CVE-2021-32563 Improper Control of Dynamically-Managed Code Resources vulnerability in Xfce Thunar
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2.
network
low complexity
xfce CWE-913
critical
9.8
2019-11-14 CVE-2011-1588 Use of Externally-Controlled Format String vulnerability in multiple products
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
local
low complexity
xfce opensuse debian CWE-134
7.8
2018-10-19 CVE-2018-18398 Out-of-bounds Read vulnerability in Xfce Thunar and Xfce
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV.
local
high complexity
xfce CWE-125
4.7